comp.lang.ada
From: Alan Jump <alan.jump@gmail.com>
Subject: Re: library/binding for sftp?
Date: Thu, 8 Aug 2013 13:03:59 -0700 (PDT)
Message-ID: <2d28eb38-0cbc-4f43-983c-d11318614491@googlegroups.com>
In-Reply-To: <ku0qti$6nr$1@loke.gir.dk>

On Thursday, August 8, 2013 12:18:09 PM UTC-7, Randy Brukardt wrote:
> Everything I read about security says that there is "no practical defense 
> against a determined attacker". That's a bit more nuanced than Dmitry's 
> statement, but it's repeated all of the time by the security experts I read. 
> You might be able to stop such an attack by unplugging all of your internet 
> connections and shutting down all of your computers, but even that isn't 
> certain. And who can do that for long?

You're close. The only truly secure computer is one that has NEVER had power applied to it. But since that fairly effectively eliminates the usefulness of a computer as anything except a really expensive doorstop, the best we can do is minimize the risks, since it's become impossible to completely eliminate them.

> And Dmitry's point about spies (like the NSA) using "known protocols" is 
> certainly true. They are much less likely to generally monitor what they 
> don't know about. Of course, if they are targeting you directly, see
> statement 1.

I have nothing to fear from the NSA. What I fear in doing any sort of contract work is industrial espionage, which is a much more common occurrence, especially if one is on contract with a multinational (which, thank Ghu, I am not). 

> Honestly, your attitude is dangerously naive. Probably the best strategy of 
> all is to have no secrets that need protecting, as in today's environment 
> you should assume all information is being read (or could be read) by 
> someone.

Having no secrets to conceal is very close to being as impossible as concealing every secret one has indefinitely.

> When RRS was doing business with the NSA back in the 1980s, we used to 
> occasionally talk to the light fixtures to remind ourselves of the
> possibility of surveillance. We thought it was reasonably likely that we were
> spied upon even then, and it's 100 times easier today (we didn't have a 
> network - we used sneaker-net - and weren't connected to any public network 
> until we started working on Ada 9x).

As stated before, the best one can hope for in this so-called "modern" era is to minimize the risks, and part of that is minimizing the damage which can be done by compromised data, be it at rest or in motion. I'd much prefer to place a certain level of trust into peer-reviewed, thoroughly-tested algorithms than in an internally-developed process of unknown and untried effectiveness. I say "unknown and untried" because internally-developed security processes seldom, if ever, are revealed to the computing public at large as having been compromised...they simply quietly go away, and may or may not appear in security textbooks a few years later as examples of what not to do.

Just my 2p worth.

 - -
73 de N5ILN
Alan
